#jinja2: trim_blocks: False
include "/etc/rndc.key";
options {
        listen-on port {{ designate_bind_port }} { {{ hostvars[inventory_hostname]['ansible_' + hostvars[inventory_hostname]['api_interface']]['ipv4']['address'] }}; };
        {% if api_interface != dns_interface %}
        listen-on port {{ designate_bind_port }} { {{ hostvars[inventory_hostname]['ansible_' + hostvars[inventory_hostname]['dns_interface']]['ipv4']['address'] }}; };
        {% endif %}
        directory       "/var/lib/named";
        allow-new-zones yes;
        dnssec-validation {{ designate_dnssec_validation }};
        auth-nxdomain no;
        request-ixfr no;
        recursion {{ designate_recursion }};
        {% if designate_forwarders_addresses %}
        forwarders { {{ designate_forwarders_addresses }}; };
        {% endif %}
        minimal-responses yes;
        allow-notify { {% for host in groups['designate-worker'] %}{{ hostvars[host]['ansible_' + hostvars[host]['api_interface']]['ipv4']['address'] }};{% endfor %} };
};

controls {
        inet {{ hostvars[inventory_hostname]['ansible_' + hostvars[inventory_hostname]['api_interface']]['ipv4']['address'] }} port {{ designate_rndc_port }} allow { {% for host in groups['designate-worker'] %}{{ hostvars[host]['ansible_' + hostvars[host]['api_interface']]['ipv4']['address'] }}; {% endfor %} } keys { "rndc-key"; };
};
